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PERIPHERAL EQUIPMENT AND MANAGEMENT METHOD THEREOF 

BACKGROUND OF THE INVENTION 
Field Of the Invention 

Tlie present Invention ireXates to management of use 
of perlplieral equipment sucli as a printer: ^ a scannei:^ a 
copiex: and. a facsimile* 
Related Background Ax-t 

In the past, it was possible, in tiie peripiieral 
equipment sucH as a printer^ a copier, a facsimile 
(PAX) and a scanner, to perform management of jobs 
(displaying a job list, canceling a specified job and 
so on) of -wbicb operation or execution is pending in 
th-e equipment from a computer connected to tbe 
equipment via a console of tbe equipment or a network 
and so on ♦ 

In addition, in tbe past, tbe peripheral equipment 
such as the copier and the facsimile performed user 
anthentication, in order to perform user information 
management, by displaying a dialog for performing user 
authentication on the console and having user 
information inputted thereon. The user information 
obtained here was checked against a database of the 
user information managed inside the equipment so that 
use permission of the user was issued in the case where 
they coincided- Moreover, in the case where some 
printing was performed as a result of user operation. 
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tlie number of prints was logged togetHer w±tli the nser 
Information obtained on a login or accuniulated. on a 
counter for each user so as to manage the number of 
prints for each user* 
5 Xn addition, in the past, the peripheral equipment 

such as the printer and the copier performed, by 
discrete devices* management of the numbers of prints 
such as management of the accumulated number of prints 
for each user and limitation by the maximum nximber of 
10 prints* In this case, it was performed by providing in 
the ecruipment a counter for representing the 
accumulated printing, and ending printing or refusing 
to accept a Job when this value becomes a predetermined 
value • 

15 

SUMMARY OF THE INVENTION 

Therefore, an object of the present Invention is, 
in terms of Job management in a networSc environment, to 
provide peripheral equipment, an information processing 

20 apparatus, a peripheral equipment control system^ a 
management method, management software and storage 
media that allows a unified access control. Another 
object of the present invention is, in terms of job 
management in a networJc environment , to provide the 

25 peripheral equipment and the management method thereof 
capable of performing the unified access control 
without deteriorating performance. 



To attain ttie above objects* wiien managing tlie job 
inputted vi-a tlie network or tlie console accor<ixng to a 
job management coinmand issued likewise via tbe network 
or the console, tlie peripberal eqrzipnient o£ tb^ present 
invention managed by a directory server connected via 
tlie network decrypts an access ticket included in tbe 
job^ decrypts tbe access ticket included in tbe Job 
management command, and manages tbe Job according to 
tbe decrypted contents of tbe access ticket included in 
tbe Job and the access ticket included in tbe job 
management command , 

Other objects and characteristics of tbe present 
invention will be clear from the following description 
and drawings * 

BRIEF DESCRIPTION OF THE DRAWINGS 

FIG- 1 is a bloci?: diagram showing a conf igruration 
of a peripheral equipment control system according to a 
first embodiment; 

FIG. 2 is a block diagram showing a configuration 
of an MFP(l) and an MFP(2): 

FIG* 3 is a block diagram showing a hardware 
conf igtiration of a controller 11 r 

FIG- 4 is a blocK diagram showing the hardware 
configuration of a PC constituting a networic system? 

PIG- 5 is a diagram showing attaribute information 
held by the MFP ( 1 ) ; 
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FIG- 6 is a flowciiart showing a procednre for 
displaying and/ or changing a user management: mode of 
the MFP{1) from a PC(1), a PC(2) and a PC(3); 

FIG. 7 is a diagram showing a user interface 
5 screen displayed on a CRT 33 in a state of waiting for 
user-input in a step 51705; 

FIG- 8 is a flowchart showing an operating 
procedure for displaying and/or changing a directory 
server corresponding to the MFP(l) from the PC(1), the 
10 FC(2) axtd the PC(3); 

FIG- 9 is a diagram showing user interface screen 
displayed on a CRT 33 in a state of waiting for user- 
input in a step S1807; 

FIG. 10 is a flowchart showing the procedure for 
15 displaying and/or changing how to permit a login from 
the PC(1), the PC{2) and the PC(3) in the case where 
the MFP(l) cannot he connected to a directory server 6? 

FIG- 11 is a diagram showing a user interface 
screen displayed on a CRT 33 in a state of waiting for 
20 user-input in a step S2207; 

FIG, 12 is a flowchart showing the procedure for 
issuing a print Joh^ a scanner Joh, a fax transmission 
job and a copy Job from the PC(l>r the PC(2) and the 
PC(3) to the MFP(l)? 
25 FIG* 13 is a flowchart following FIG. 12 for 

showing the procedure for issuing a print job^ a 
scanner 3oh, a fax transmission job and a copy 30b from 
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ttxe PC(1), tHe PC{2) and the PC(3) to tiie MFP(l); 

FXG, 14 is a flowciiairt stiowing tlie procediojce for 
issuing a Job in a step S403; 

FIG, 15 is a flowcliaact showing the px-ooedure for 
5 receiving a job submittiug command when the MFP(l) 
receives the 30b issued by the process in FIG* 14; 

PIG. 16 is a flowchart following FIG, 15 for 
showing the proceduire for receiving the Job submitting 
command when the MFP(l) receives the Job issued by the 
10 process in FIG, 14; 

FIG. 17 is a diagram showing a data structure of 
the Job held in the MPP{1) as a result of the process 
in PIG, 14; 

PIG, 18 is a flowchart showing the procedure of 
15 the Job data held in the MFP{1) shown in FIG* 17; 

FIG- 19 is a flowchart following FIG. 18 for 
showing the procedure of the Job data held in the 
MPP(l) shown in FIG. 17; 

FIG. 20 is a flowcliart: showing a login procediare 
20 from an operation division of the MFP(l)r 

FIG. 21 is a flowchart following FIG. 20 for 
showing the login procedure from the operation division 
of the MPP ( 1 ) ; 

FIG. 22 is a diagram showing the data struotuire of 
25 a user information cache; 

FIG, 23 is a flowchart showing the procedure of a 
print pending Job in steps S924 and S9 22; 



?IG^ 24 is a diagram snowing the user interface 
sQ^^-een displayed on em LCD 23 in a step S1104; 

FIG, 25 is a flowchart showing the procedure when 
the MFP(l) receives an access command foir obtaining ox- 
setting individual attribute information from the 
PC(1), the PC(2) and the PC(3); 

FIG. 26 is a flowchart following FIG* 25 for 
showing the procedure when the MFP{1) receives an 
access command for obtaining or setting the individual 
attribute information from the PC(1), the PC(2) and the 
PC(3) ; 

FIG. 27 is a flowchart showing the procedure for 
Issuing a management command such as device management 
or 30b management from the PC{1), the PC(2) and the 
PC(3) to the lyEFP(l); 

FIG, 26 is a flowchart following FIG. 27 for 
showing the procedure for issuing a management command 
such as device management or job management from the 
PC(l), the PC(2) anA the PC(3) to the MFP(l); 

FIG, 29 is a diagram showing the data structure of 
the management command; 

FIG- 30 is a flowchart showing the procedure for 
MFP(l) to process the management command generated by 
the process in FIG- 22 and sent to the MFP(l); 

PIG- 31 is a flowchart following FIG- 30 for 
showing the procedure for MFP(l) to process the 
management command generated by the process in FIG.. 22 
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and. sent to tiie MFP(i); 

FIG. 32 ±s a. flowchart sliowxng the procedure for 
totaling the logs of the MPP(l) and the MFP{2) and 
updating the permitted number of prints and the number 
5 of acciimulated prints £or each user o£ the dlrectoxry 
server 6; 

FIG, 33 is a flowchart showing a computing 
procedure for computing the permitted number of prints 
when it is impossible to connect to the directory 
10 server in ttie step S923 in PIG. 17; 

FIG, 34 is a flowchart following FIG. 33 for 
showing a computing procedure for compnting the 
permitted ntoiaber of prints when it is impossible to 
connect to the directory server in the step S923 in 
15 FIG. 17; 

FIG- 35 is a diagram showing the data structure of 
the management command generated by a management 
command generation process mentioned later and sent to 
the MPP ( 1 ) ; 

20 FIG, 36 is a diagram showing the data structure of 

an access ticket cache held in a RAM 22 of the Mfp(1> 
by the process of an access ticket setting coinmand 
mentioned later? 

FIG, 37 is a flowchart showing the procedure for 

25 MFP(l) to process the management command generated by a 
management command generation process mentioned later 
and sent to the MFP{l)r 
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PIG. 38 ±s a. flowchart following FIG- 37 foi: 
showing the procedure for MFP(l) to process the 
management command generated by the management command 
generation process mentioned later and sent to the 

5 MFP(l); 

FIG. 39 is a flowchagct showing the procedure for 
issuing a management command such as device management 
or job management from the PC(1), the PC(2) and the 
PC(3) to the MFP(l) performing the process in FIG. 29? 

10 FIG. 40 and FIG. 41 are flowcharts showing the 

procedure of the MFP(l) in the case where a copy job is 
started from an operation panel of the MPP(l); and 

FIG. 42 is an example of the data structure of 
information on a user logging into each client PC 

15 registered with and managed by the directory server 6. 

DESCRIPTION OF THE PREFERRED EMBODIMENT 

Embodiments Of the present invention will be 

described hereafter by referring to tlie drawings* 
20 In the embodiments, peripheral eguipment is a 

multi function printei:, which is abbreviated as MFP in 

the following description. 

(First Embodiment) 

FIG* 1 is a block diagram showing a configuration 
25 of a peripheral eqijipment control system according to a 

first embodiment. In the drawing, reference numerals 1 

and 5 denote an MFP(l) and an MFP(2)^ respectively 
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(hereafter* unifoxmXy referxrecL to a.s ttie MFP(l) 1 and 
tlie MFP{2) 5). In addition, reference numerals 2, 3 
and 4 denote personal computers descrxbed as a PC(1), a 
FC(2) and a PC(3), respectively (liereafter un±fo2rmly 
5 referred to as tiie PC(1) 2, the PC(2) 3 and ttie PC(3) 
4), The PC(1) 2, tlxe PCt2> 3 and the PC(3) 4 are 
connected to the MPP(l) 1 and the MPP(2) 5 by way of a 
% network 10 or a local interface respectively- On the 

tf| PC(1) 2, the PC(2) 3 and the PC(3) 4, peripheral 

4=; equipment control software related to the present 

iji invention operates and reqiiests the MPP{1) 1 to process 

' the johs such as a print, a scan^ a copy or a faac 

13 transmission and reception or inquire ahout attribute 

, if ft 

fij information of the MFP(l) 1 and the KIFP(2) 5* 

]J[ 15 In addition^ reference numeral 6 denotes a 

directory server having a centralized management 
function of user information and device information on 
the network 10, and is comprised of a general purpose 
computer and so on* This directory server 6 also has a 
20 KDC (Key Distribution Server) function in a Kerberos 

protocol (RFC1510) and issues a TGT (ticket Generation 
Ticket) ticket and an access ticket required for 
accessing a specified resource in compliance with 
regulations of the Kerberos protocol. 
25 Moreover, this directory server 6 is supposed to 

have an MFPd) 1 and an MFP(2) 5 already registered. 
This data can be referred to and updated from a PC(1) 2 
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and. a PC(2) 3 t>y us±ng an LDAP protocoX (RFC1777), 
Eacii piece of tine usex- ±nf oima-tioix managed ±n ttie 
directoxy server- 6 includes a user name, a password, 
ttie permitted, ninnber of prints of the user and th.e 
5 accumulated number o£ prints of tbe user* In addition, 
eacb. piece of tiie device information managed in the 
directory server 6 includes a device name and a 
M cryptograph key. 

d The nsers using the PC(X) 2, the PC(2) 3 and the 

10 PC{3) 4 are registered with and managed by the 
^ directory sezrver 6 as network users, and may use 

'"'"^ network resources such as various application servers 

p (not shown) on the network 10 and the perijjheral 

■m equipment including the MFP(l) 1, the MFP(2) 5 and so 

JJJ 15 on managed by the direotoxy servex* 6. 

1^^^ FIG, 2 is a block diagram showing a configuration 

of the peripheral equipment (the MFP{1) 1 and the 
MFP(2) 5). In the diagram, reference numeral 11 
denotes a controller for controlling the peripheral 

20 equipment* Reference niimeral 12 denotes a 

communication interface for the controller 11 to 
communicate with the outside of the peripheral 
equipment, which is an Ethernet interface, an XEEE1284 
interface or another communication interface for 

25 instance - 

Reference numeral 13 denotes a scanner engine and 
is controlled by the controller 11- Reference numeral 
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14 denotes a printer engine and is controlled by ttie 
controller 11, and for instance, it is a laser beam 
printer, an ink Jet printer or another printer* 

Reference numeral 15 denote s a FAX board for 
iraplenienting a FAX function of performing cotrtmunication 
control sucli as sending and receiving images , and is 
controlled by tbe controller 11. Reference numeral 16 
denotes a user interface comprised of an LCD display 
and a keyboard^ and displays information from tlie 
controller 11 and communicates an instruction from tbe 
user to tbe controller 11. 

The peripheral equipment baving such, a 
configuration selects a printer engine 14 and allows a 
piETint 30b to be issued. In addition, it selects tbe 
printer engine 14 and a scanner engine 13 to allow a 
copy job to be issued. Moreover, it selects tbe 
printer engine 14, tbe scanner engine 13 and tbe FAX 
board 15 to allow a FAX reception 30b and a FAX 
transmission job to be issued. 

FIG- 3 is a block diagram sbowing a bardware 
configuration of tbe controller 11. Tbe controller- 11 
is mutually connected via a system bus 20 witb a CPU 
21, a RAM 22, an LCD 23, a keyboard 24, a ROM 25, a 
communication interface 26, a scanner engine 27, a 
printer engine 28, a FAX board 29 and a disk 30. 

A program for controlling tbe controller 11 is 
stored in the ROM 25 or tbe disk 30, and is read by tbe 
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RAM 22 as reqiaxre^ and executed t>y ttie CPU 21. Also, 
the ROM 25 ox- tlie d±sk 30 lias attribute information 
showing the pex-ipheral equipment and functions and 
states of the jobs to be processed by the pe^ripheiral 
5 ecjuipment and 30b data 1:o be output ted and so on stored 
in addition to the control pjcograia* Moreover, the CPU 
21 produces a display on the LCD 23 and is instructed 
by the user from the keyboard 24* In addition, the CPU 

O 21 performs coitinrtmication with the ou.ts±de through the 

j; 10 interface 26. 

J: In the peripheral equipment (FXG, 2) according to 

"'''^ this embod-iment , unless specifically noted otherwise, 

p the CPU 21 receives the user-input from the Jceyboard 24 

m via the system bus 20 and controls the RAM 22 , the LCD 

15;? 15 23, the ROM 25^ the communication interface 26^ the 

scanner engine 27, the printer engine 28, the FAX board 
29 and the disk 30. 

FIG, 4 is a block diagram showing the hardware 
configuraition of the PC constituting a network system. 
20 On the PC, a CPU 31, a RAM 32, a CRT 33, a keyboard 34, 
a pointing device 35, a ROM 36, a disk 37 and a 
communication interface 38 are mutually connected via a 
system bus 40. Th.& program for controlling the PC is 
stored in the ROM 36 or the disk 37. and is read by the 
25 RAM 32 as reqiaired and. executed by the CPU 31, 

Moreover,, the CPU 31 produces a display through the CRT 
33 and is instructed by the user from the keyboard 34 
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and the point ±ng device 35, In addition, tlie CPU 31 
perfoxms communication with tlxe outside thacoiagh tiie 
communioation interface 38- 

In th-e PC accoocding to this embodiment r imless 
specif icaXiy noted otliearwisey ttie CPU 31 receives tiie 
user-input from the Xeyboaxd 34 or th.e pointing device 
35 via the system bus 40 and controls the RAM 32, the 
CRT 33, the ROM 36, the disk 37 and the communication 
intex'face 38. In addition, the user^s instruction to 
the MFFs and display of infonaa^tion to the user may be 
performed either tbrongh a local, user interface 16 or 
through the device to be a client connected to the 
network 10 such as the PC(1) 2, the PC{2) 3 and the 
PC(3) 4- 

FIG. 5 is a diagram showing the attribute 
information held by the MPP{1) 1. While the MFP{2) 5 
has the same data structure as the MFP(l) i, values 
held thereby are different* Such information is held 
by the ROM 25, the RAM 22 and the disk 30, and the 
Individual attribute infoarmation may be obtained or set 
from the PC(1) 2, the PC(2) 3 and the PC(3) 4 by the 
process mentioned later. 

In the diagram, 301 is a "Supported User 
Management Mode List" attribute, and holds a plurality 
of values as a list, that is, "No User Management," 
"Password," "User ID," "User ID and Password" and "Join 
Security Doma.in , " 
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Reference numeral 302 denotes a. "Current User 
Management Mode" attribute, and holds "Join Security 
Domain" as the value* Reference numeral 303 denotes an 
"Adaptive Directory Server Type List" attribute, and 
5 holds a plurality of valjaes as the list , that is , 

"Standard LDAP Server," "Active Directory (MS)," "NDS 
(Novell)" and "Open LDAP*" 

Reference numeral 304 denotes a "Current Directory 
Server Type" attribute, and holds "Active Directoiry 
£ 10 (MS)" as the value. Reference numeral 305 denotes a 
rg "Current Directory Server IP Address attribute, and 

' holds "123. 56, 54. 21" as the value. Reference 

tl numeral 306 denotes a "Cryptograph key" attribute^ and 

flj holds "Ox34q4bffcdca001'' as the value. This value 

S 15 becomes effective in the case where the "Current User 
Management Mode" attribute is "Join Security Domain," 
and is used to interpret the access ticket issued from 
the directory server 6, 

Reference numeral 307 denotes a "Permission to Use 
20 in case of Inaccessible Directory Server" attribute, 
and holds "TRUE" as the value* Reference numeral 308 
denotes a "Limit Types for Use in case of inaccessible 
Directory Server" attribute, and holds a plxirality of 
values as the list* that is, "No Limit," "Time," "Time 
25 and Fixed Max No. of Prints," "Time and Max No, of 

Prints," "Fixed Max No, of Prints," "Max No. of Prints" 
and "For each Login 
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Reference numeral 309 aenotes a "Curreixt L±niit 
Types £or Use in case of Inaccessible DxrectorY SeaTvex*"* 
attribute,, and ttoias "Time" as tlie value* Reference 
numeral 310 denotes a "Time Liitiit" attr±t>ute, and holcis 
5 "48 Hours" as the value. Reference numeral 311 denotes 
a "Daily Reduction Ratio .of Max No. of Prints" 
attribute, and iiolds "30" as tlie value- Reference 
numeral 312 denotes a "Max No- of Prints" attribute, 
and liolds "100" as th.e value. Reference numeral 313 

10 denotes a "Max No, of Prints for each I*ogin" attribute, 
and iiolds "20" as the value* 

FIG. 6 is a flowcliar-t sliowing the procedure for 
displaying and/or changing a user management mode of 
tHe MFP(l) 1 from the PC(1) 2, tlie PC(2) 3 and the 

15 PC(3) 4* This processing program runs on the PC(1) 2, 
tlie PC(2) 3 and the PC(3) 4. First, it obtains 
attribute infoarmation 301 of the MPP(l) 1 (step S1701>. 
This attribute information is obtained by sending an 
attribute acqxixsition command from tlie PC(1) 2^ tlie 

20 PC(2) 3 and tbe PC{3} 4 to the MFP{1) 1 and processing 
this command on the MFP(l) l. And it displays the 
obtained attribute information on tlxe CRT 33 (step 
SI 702). Furthermore, it obtains a "Current User 
Management Mode" attribute 302 ttiat is tUe attribute 

25 information (step S1703) and displays it on the CRT 33 
{step S1704) . 

It waits for tlie user-input (step S1705)^ and sets 
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the "Current User Management Moae" attribtite 302 that 
is the attribute inf omaatiou (step S1706) according to 
the user-input to finish the process. This a^ttribute 
information is set by sending an attribute setting 
5 command from the PC(1) 2, the PC(2) 3 and the FC{3) 4 
to the MFP(l) 1 and processing this command, on the 
MFP (1 ) 1 - 

FIG- 7 is a diagram showing a user interface 
screen displayed on the CRT 33 in the state of waiting 

10 £or user-input in a step S1705- In the diagram, lOl 
indicates a list of the user management modes 
(attribute 301) that can be selected by the user* The 
attribute 302 of the currently set user management mode 
is in reverse video in 102 in the diagram. The user 

15 selects a desired user management mode and puts it in 
reverse video, and presses an OK button 103 to execute 
the process of the step SI 706 and perform setting of 
the user management mode. 

Moreover, the procedure in FIG. 6 may be performed 

20 by, instead of the PCs, the controller 11 of the MFP(l) 
1 itseif of which user management mode is to be 
changed, and the display in FIG. 7 may also be 
performed on the user interface 16 included in the MPP. 
It may also be performed and/or displayed on the other 

25 MPP(2) 5- 

FIG. 8 is a flowchart showing an operating 
procedure for displaying and/or changing a directory 
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server corresponding to ttie MFP(l) 1 from tHe PC{1) 2, 
the PC(2) 3 an<a the PC{3) 4* TtiJ-S procedure ±0 
performed on the PC(1) 2, the PC(2) 3 and the PC (3) 4. 

Firsts attribute information 303 Is obtained (step 
5 S1801)- This attribute information is obtained by 
sending the attribute acquisition coiranand from the 
PC{1) 1, the PC(2) 3 and the PC{3) 4 to the MFP{1) 1 
and processing this command on the MFP(l) 1 following 
the procedure mentioned later. And the obtained 
10 attribute information is displayed on the CRT 33 (step 
S1802) , 

Furthermore, attribute information 304 is obtained 
(step S1803) and the obtained attribute information is 
displayed on the CRT 33 (step S1804), Attribute 

15 information 305 is obtained (step S1805) and the 

obtained attribute information 305 is displayed on the 
CRT 33 (step S1806) . 

The user-input is waited for (step SiS07 ) , and 
attribute information 304 and 305 is set accoroLing to 

20 the user-input (step S1808), ^This attribute 

information is set by sending an attribute setting 
command from the PC(1) 2, the PC(2) 3 and the PC(3) 4 
to the MFP(l) 1 and processing this command on the 
MFP(l) 1 following the procedure mentioned later- 

25 FIG* 9 is a diagram showing the user interface 

screen displayed on the CRT 33 in the state of waiting 
for user-input in a step S1S07* In the oLiagrain, 201 
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indicates the list of tlie d±rectory server types 
(attr-ifeute 303} tliat can be selected by tlxe user. Ttie 
currently set dJ.recto3cy server type (attribute 304) is 
in reverse video in 202 in tlie diagrain* Moreover,, an 
IP address 305 of the cxirrently set directory seirver is 
displayed in an address division 203. The user selects 
a desired directory server type and puts it in reverse 
video, inputs a desired IP address in tne address 
division 203, and presses an OK button 204 to execute 
tbe process of tlie step S1808 and perforin setting of 
tb-e corresponding directory server* 

Moreover, tlie process shown in FIG- 8 may be 
performed by^ instead of tbe PCs, the controller 11 of 
the MFP(X) 1 itself of which set directory seirver is to 
be changed, and the display shown in PIG* 9 may also be 
performed by the user interface 16 included in the MPP. 
It may also be performed and/or displayed on the other 
MFP(2) 5. 

FIG. 10 is a flowchart showing the procedure for 
displaying and/ or changing from the PC(1) 2, the PC(2) 
3 and the PC(3) 4 how to permit a login in the case 
where the MFF(l) cannot be connected to the directory 
server 6, This procedure is perfoxtned on the PC(1) 2, 
the PC{2) 3 and the PC(3) 4. 

First, a "Lijiiit Types for Use in case of 
Inaccessible Directory Searver" attribute 303 that is 
the attribute information is obtained (step S2201) - 
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Ttie attribute infoxmation is obtained by seuding the 
attx-ibute acguisition command from th.e PC(1) 2, tlie 
PC(2) 3 ana the PC{3) 4 to the MFP(l) 1 and processing 
this coinmand on the MFP(l) 1 following the procsedure 
5 mentioned later. And the obtained attribute 

i^nforraation is displayed on the CRT 33 (step S2202). 

A "Current Liinit Type £or Use in case of 
Inaccessible Directory Server" attribute 309 that is 
the attribute Information is obtained {step S2203) and 

10 the obtained attribute information is displayed on the 
CRT 33 (step S2204) . Furthermore, a "Permission to Use 
in case of Inaccessible Directory Server" attribute 307 
that is the attribute information is obtained (step 
S2205)- The obtained attribute information is 

15 displayed on the CRT 33 (step S2206) . 

The user-input is waited for (step S2207) , and 
attribute information 309 and 307 is set according to 
the user-input (step S2208) to finish the process. The 
attribute information is set by sending the attribute 

20 setting command from the PC(1) 2. tii© PC(2) 3 and the 
PC{3) 4 to the MPP(l) 1 and processing this command on 
the MPP{1) 1 following the procedure mentioned later. 

FIG^ 11 is a diagram showing the user interface 
screen displayed on the CRT 33 in the state of waiting 

25 for the user-input in a step S2207. In the diagram, 

2102 indicates the contents of the "Limit Types for Use 
in case of Inaccessible Directory Server" attribute 
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308, ana the value of ttie "Current Limit Type for Use 
in case of Inaccessible Directory Server" attribute 309 
is in reverse video in 2103 in tlie diagram. Moreover^ 
tbe value of tlie "Permission to Use in case of 
5 Inaccessible Directory Seirsrer** attril^ute 307 is 

displayed in a checlt box ,2101- Tlie user performs a 
desired setting and tben presses an OK button 2104 to 
execute tlie process of ttie step S220S and perform 
setting of tbe attribute information. 

10 Moreover^ tbe process sliown in FIG. 10 may be 

performed by, instead of tbe PCs* tbe controller 11 of 
ttie MPP(l) 1 itself of whicb. setting is to be ciianged^ 
and tlie display sbown in FIG- 11 may also be perfoinned 
by tbe user interface 16 included in the MFP» 

15 Furtb^eannore , it may be performed and/or displayed on 
tlie otber MFP(2) 5. 

FIGS, 12 and 13 are flowcliarts sbowing the 
procedure for issuing a print job, a scanner job, a fax 
transmission Job or a copy Job from tbe PC(1) 2, the 

20 FC(2) 3 and tiie PC(3) 4 to the MPP(l) 1. 'I?his 

procedure is performed on the PC(1) 2, the PC(2) 3 and 
the PC(3) 4. 

First, the "Current User Management Mode" 
attribute 302 that is the attribute information held by 

25 the MFP(l) 1 is obtained (step S401). It is detennined 
whether or not the value of the attribute information 
302 is "No User Management" (step S402) * In the case 
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whexre it is "No User- Management:" as a result: o£ tlie 
detexitiination^ otlier information required for the joh 
is set on the 30^, and then the job is issued to the 
MFP(l) 1 (step S403)* Then the process is finished- 

On the other hand, in the case where it is "User 
Management" in the step S402, it is determined whether 
or not the value of the attribute information 302 is 
"Password" (step 5404). In the case where it is 
"^Password" as a result of the determination, the user 
interface screen prompting for the password is 
displayed on the CRT 33 (step S405) - And in the step 

5403, other information re<g[uired for the inputted 
password and the job is set on the job, and then the 
job is issued to the MFP(l) 1* 

On the other hand^ in the case where it is not 
"Password" as a result of the determination in the step 

5404, it is determined whether or not the value of the 
attribute information 302 is "User ID" (step S406) * In 
the case where it is "User ID" as a result of the 
determination, the user interface screen prompting for 
the user ID is displayed on the CRT 33 (step S407)* 
And in the step S403, other information required for 
the inputted user ID and the job is set on the job, and 
then the job is issued to the MFP(l) 1. 

On the other hand, in the case where it is not 
"User ID^ as a result of the detentiinatlon in the step 
S406, it is determined whether or not the value of the 
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a-ttribute information 302 is "User ID and Password" 
(step S40S). In tilie case wtiere it is "User ID aii<3. 
Password" as a result o£ tlie determination^ tlie user 
interface screen prompting for the user ID and password 
5 is displayed on tne CRT 33 {step S409) . And in tlie 

step S403, ottier information required for tlie inputted 
user ID, password and tlie job is set on th.e 30b, and 
S tHen tbe job is issued to tbe M[FF(1) 1* 

^ On tlie other Iiand, in tb.e case where it is not 

+j 10 "User ID and Password" as a result of ttxe determination 
Ep in the step it is determined whether or not the 

user has already logged in to a security domain managed 
by the directory server 6 on tUe PC being used {step 
fij S410). This determination is made by inquiring of an 

□ 15 operating system of the PC being used* In the case 
where the user has not logged in as a result of the 
determination, the user interface screen prompting for 
the user ID and password is displayed on the CKT 33 
(step S411) , and the information is sent to tbe 
20 directory server 6 by using the Kerberos protocol so as 
to obtain TGT (Ticket Generation Ticket) information 
(step S413) - 

On the other hand, in the case where the user bas 
already logged in as a result of the determination in 
25 the step S410^ the TGT used in a otirrent session is 

requested of tbe operating system and is obtained {step 
S412), 
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THe TOT obtained in tixe step S412 or S413 is used 
to obtsLxn the permitted number o£ prints inf ozmation of 
ttie user failing xmcier the tiser name h.6ld by tlie 
operating system or the user name inputted in the step 
5 S411 from the directory server 6 by the Kerberos 
pzrotocol end the LDAF protocol (step S414) . 

It is determined thereafter whether or not the 
permitted number of prints is one or more (step S415), 
and in the case where it cannot be printed since it is 

10 less than one as a result of the determination, the 

user intearface screen representing that the Job cannot 
be issued is displayed on the CRT 33 (step S416} to 
finish the process. 

On the other hand,, in the case where printing is 

15 possible with the permitted number of prints of one or 
more as a result of the determination in the step S415, 
the TGT obtained in the step S412 or S413 and a 
parameter of an identifier identifying the MFP{1) 1 of 
the job issue destination are sent to the directory 

20 server 6 by the Kerberos protocol to obtain the access 
ticket for the MFP(l) l (step S417)- The access ticket 
obtained here has the information on tiie user name, the 
user ID, the user's permitted number of prints and its 
expiiration date that is encrypted by cryptograph key 

25 attribute information 306 of the MFP(i) 1. A data 

format in the access ticket and encryption (algorithm) 
to be used are uniquely determined in advance according 



to tlae GUzrarentXy corxesponding alrectoxy^ seirsreir type 
(attribute information 304). 

And -tiie access ticket obtained in the step S417 
and tlie oth-er information required for tiie Job are set 
on tiie job, and tlien the 30b is issued to tlie MFP(l) 1 
(step S418) to finisli tlxe process - 

FIG. 14 is a flowcliart showing the procedure for 
issuing the 3oi> in the step S403, First, the parameter 
of the attribute setting command for the attribute 
required for the job is set (step This 
parameter is comprised of an attribute name of a 
setting subject and the value therefor. The attribute 
setting command created in tfae step S502 is sent to the 
MFP(l) 1 (step $503). It is deteacmined whether or not 
the setting of the required job attribute is completed 
(step S504), and in the case -where it is not completed, 
the process in the step S502 is repeated. 

On the other hand, in the case where the setting 
of the required Job attribute is completed in the step 
S504, target data of job processing such as image data 
created by an application and so on is sent to this MFP 
by a job data transmission command {step S505)* A job 
submitting completion notice command showing compXetion 
of sending the job submitting command is sent (step 
S505) to finish the process - 

FIGS- 15 and 16 are flowcharts showing the 
procedure for receiving a job submLxtting command when 
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tile MFP{X) 1 receives the Job Issued by tlie process ±n 
FIG. 14 » This process is performed by tiie MFP(l) 1 
eacli time the command constituting tbe job is received. 
Tlie received command and its parameter are 
5 analyzed (step S60i) * As a resuXt of this analysis^ it 
is determined wlietlier or not the received command is 
^ the attribute setting command (step S602). Xn the case 

^ ^ere the received command is the attrit>ute setting 

y1 command, it is determined whether or not the attribute 

10 can be interpreted by the MFP(l) 1 (step S603)* 
^ In the case where it can be interpreted^ a pair of 

53 the specified attribute name and attribute value is 

In stored as the 30b data on the RAM 22 or the dis3c 30 

L|f according to the analysis results obtained in the step 

E3 15 S60i (step S604) to finish the process* On the other 

hand, in the case where it cannot be interpreted in the 
step S603, it is impossible to set the attribute 
specified by the received attribute setting command, 
and so it is communicated in reply that the attribute 
20 could not be set (step S616} to finish the process. 

On the other hand, in the case where the received 
command is not the attribute setting command in the 
step S602, it: is determined whether or not the received 
command is the Job data transmission command from the 
25 analysis results obtained in the step S601 (step S611) . 
In the case where it is the Job data transmission 
command, the job data received following the command is 
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Stored in the RAM 22 or the disk 30 (step S612) to 
finish the process - 

On the other hand., in the case where it is not the 
job data transmission command in the step S611, it is 
5 determined whether or not the received command is a job 
submitting termination notice command from the analysis 
results obtained in the step S601 (step S613) . In the 
case where it is the Job submitting termination notice 
^ command » processing of the job data held in the RAM 22 

10 or the disk 30 is started (step S614). On the other 

Si 

frf hand, in the case where it is not the job submitting 

termination notice cotnmauad, the received command is 
anoth-er command, and a process depending on the other 
]J command is performed {step S615) to finish the process, 

15 FIQ- 17 is a diagram showing the data structure of 

the job held in the MFF(X) 1 as a result of the process 
in FIGS. 15 and 16, This job is comprised of an 
attribute list 701 representing the function and 
attribute of the job and job data 702 representing the 

20 data to be the processing target of the job. The job 
data 702 is not necessary depending on the job type. 
The attribute list 701 is the list of a pair of an 
attribute name 711 and an attribute value 712 
corresponding thereto. 

25 In the diagram, reference numeral 721 represents 

that the job is the printing job. Reference numeral 
722 represents that the job starting mode is pending. 
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Reference numeral 723 represents "tliat tlie user 
managemen-t mode is "Join Seourity Domain" and indicates 
tiiat an access ticket 726 is used as tlie user 
information on tii© job- Reference ntuneral 72 4 denotes 
5 tbe attribute for wliicli tiie user XD is set in tlie case 
where the user luaua-gement itiode is "U^er XW* or "User ID 
and Password." Reference numeral 725 denotes the 
attrilDute for which, the password is set in the case 
where the user management mode is "Password" or "User 

10 ID and Password." Reference numeral 726 denotes the 
attribute for which the access ticket is set in the 
case where the user management mode is "Join Security 
Domain," Moreover, as for the attributes 724, 725 and 
726, only what is necessary may be set as the job data 

15 according to the contents of the attribute 723- 
FIGS* 18 and 19 are flowcharts showing the 
procedure of the job data held in the MFP(l) 1 shown in 
FIG- 17. This procedure is performed on the MFP(l) 1, 
First, the attribute information (ciorrent user 

20 management mode) 302 is obtained (step S801) . It is 
determined whether or not the value of the attribute 
information 302 is "No User Management" (step S802). 

Xn the case of "No User Management" as a result of 
the determination, the processing of the attributes 

25 except the attributes 723, 724, 725 and 726 is 

performed (step S803), and 30b data processing is 
performed based on these attributes (step S810) , The 
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job processing results are logged (step SSll) to £±u±sh. 
tlie process, TtdLs log is stored in tiie RAM 22 or the 
cLtsK 30. 

On tiie otlier hand, in the case where -there is the 
user management as a result of the determination in the 
step S802^ it is determined whether or not the value of 
the attribute information 302 is "Password*" (step 
S804) * In the case where it is "Password" as a result 
of the determination, a password value held in advance 
in the RAM 22 or tlie dislc 30 is compared, to attribute 
information 725 (step S805), and in the case where they 
coincide, the job processing is continued in the step 
S803 • On the other hand, in the case where they do not 
coincide, the job processing is aborted • 

On the other hand, in the case where it is not 
"Password" as a result of the determination in the step 
SS04, it is determined whether or not the value of the 
attribute information 302 xs "User ID" (step SS06) , In 
the case where it is "User XD" as a result of tiae 
determination, a user ID value held in advance in the 
RAM 22 or the disfc 30 is compared to attribute 
information 724 (step S807) , and in the case where they 
coincide the job processing is continued in the step 
S803* On the other hand, in the case wb.ere they ao not 
coincide, the job processing is aborted* 

In the case where it is not "User ID" as a result 
of the determination in the step S806, it is determined 



- 29 ■- 

Wiiether or not the value of ttie attribute information 
302 is "User XD and Password" (step S80S). In th.^ case 
where it is "User XD and Password" as a result of ttie 
determination^ the user ID value and the password value 
5 held in advance in the RAM 22 or the disk 30 is 
compared to attribute information 724 and 725 
respectively (step S809) , and in the case where they 
coincide, the job processing is continued in the step 
Sd03- In the case where they do not coincide, the 30b 

10 processing is aborted* 

On the other hand* in the case where it is not 
"User ID and Password" as a result of the determination 
in the step S808, the access ticket value 726 is 
docarypted by using the cryptograph key that is the 

15 attribute information 306 (step S812)- And it is 

determined whether or not the access ticket is valid 
(step S813), In the case where the access ticket value 
could not be decrypted or the value of the permitted 
ntimber of prints held in the access ticket is 0, it is 

20 determined that the access ticket is invalid in the 

step S813, and the job data is abandoned (step S814) to 
finish the process. 

On the other hand, in the case where it is 
determined that the access ticket is valid in the step 

25 S813, the peinnitted number of prints information of the 
user falling under the user ID in the access ticket is 
obtained from the directoiry server 6 by the Kerberos 
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protocol and tli^ LDAP protocol (step SSIS) . 

Xt ±s determined whether or not It can be printed 
with the permitted number of prints of one or more 
{step S816), and In the ca.se wiiere it cannot be 
printed, the jjofo data is abandoned (step S817) to 
finish the process- On the other hand. In the case 
where it can be printed as a result of the 
determination in the step S816, the processing of the 
attributes except the attributes 723, 724^ 725 and 726 
is performed (step S818) , and Job data processing is 
performed based on these attributes (step S819)- 
Moreover, tills processing is monitored so that the 
permitted number of prints obtained from the process ±ti 
the step S8X5 is not exceeded, and in the case where 
the ma:«:imum number of prints is exceeded, it causes the 
job data processing to abnormally end. Whether the 30b 
normally ends or abnormally ends, the job processing 
results are logged (step S820) to finish the process - 
The user ID and the number of prints printed by the 30b 
are logged, which is stored in the RAM 22 or the dislc 
30. 

Moreover^ while the Job data is once constructed 
in the MFP(l) 1 in the process in FIGS. 15 and 16 and 
then it is processed again in the process in PIGS, 18 
and 19 in this embodiment, it is also feasible, as 
another embodiment, to tanite the process in FIGS* 15 
ana 16 with the process in FIGS* IS and 19, thus 
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slTttulta-neously performing a job analysis and tlie job 
pirocessxng • 

In addition^ while the permitted numbeir of prints 
in the access ticket is deteirmiued in the step S813, 
5 and the peritiltted nwiber of prints of the user held in 
the directory server 6 is determined in the steps S815 
and S816 in thli5 embodiment, it is also feasible, as 
another embodiment, to omit either the determination of 
the permitted number of prints in the access ticket in 

10 the step S813 or the detexmination of the permitted 
number o£ prints of the user held in the directory 
server 6 in the steps S8l5 and S816- 

In addition^ while the job results are held as 
logs in the MFP(l) 1 in the step SS20 in this 

15 embodiment, it is also feasible to update the permitted 
number of prints and the accumulated number of prints 
of the user held in the directory server 6 by the 
number of prints printed by the job* The permitted 
number of prints is updated by obtaining the permitted 

20 number of prints and the accumulated number of prints 

indicated by the user ID held in the directory server 6 
by the LDAP protocol, subtracting the number of prints 
printed by the job from the permitted number of prints, 
and further adding the number of prints printed by the 

25 job to the accvimulated number of prints, and then 

setting these obtained values in the directory server 6 
by the LDAP protocol. 
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FIGS. 20 and 21 are flowcharts sliowing ttie 
procedure of ttie login screen displayed on an LCD 23 of 
the MFP(l) 1- This process is performed on the MFP(l) 
1. First, the attribute information 302 (current user 
management mode) is obtained (step S901)- It is 
determined whether or not the value o£ the attribute 
informa-tion 302 is "No User Management" (step S902) • 

In the case where it is "No User Management" as a 
result of the determination, the login information is 
stored in the RAM 22 (step S903), The iogin 
information holds the user management mode, the user ID 
and the permitted number of prints as of logging in. 
The permitted nuinbex- of prints is sequentially updated 
by the number of prints used in the Jobs accompanying 
printing such as a print Job and a copy job issued from 
the console within a login period, and the job is 
finished when the value of the permitted number of 
prints becomes 0- In the step S903^ the permitted 
ntamber of prints is set at infinity. The user id in 
the login information is logged together with the 
number of prints used in the job- After the process of 
the step S903, a print pending job is processed (step 
S924) to finish the process. 

On the other hand, in the case where there is the 
user management as a result of the determination in the 
step S902, it is determined whether or not the value of 
the attribute information 302 is "Password" (step 



- 33 - 



S904). In the case wliare there ±s the password as a 
result of the determination, the user Interface screen 
prompting for the password is displayed on the LCD 23 
and the inputted password is compared to the password 
value held in advance in the RAM 22 or the disk 30 
(step S905), and in the case where they coincide, the 
login processing is continued in the step S903, In the 
case where they do not coincide, the processing is 
aborted as no login allowed • 

On the other hand^ in the case where there is no 
password as a result of the determination in the step 
S904, it is deterttiined whether or not the value of the 
attribute Information 302 is "User ID" (step S906) . Xn 
the case where it is "User ID," the user interface 
screen prompting for the user ID is displayed on the 
I»CD 23 and the inputted user ID is compared to the user 
ID value held in advance in the RAM 22 or the disk 30 
{step S907) , and in the case where they coincide, the 
login processing is continued in the step S903- In the 
case where they do not coincide^ the processing is 
aborted as no login allowed • 

On the other hand, in the case where it is not the 
user ID as a result of the determination in the step 
S906, it is determined whether or not the value of the 
attribute infoxroation 302 is "Usenr ID and Password" 
(step S908). In the case where it is "U§er ID and 
Password" as a result of the determination, the user 
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interface screen prompting for the user ID and tlie 
password is displayed on tixe LCD 23 and tlie inputted 
user ID and password are compared to tlze user ID vaXue 
and tiie password value held in advance in the RAM 22 or 
5 the disk 30 (step S909), and in the case where they 

coincide^ the login processing is continued in the step 

In the case where they do not coincide, the 
processing is aborted as no login allowed. 

In the case where it is not "User ID and Password" 

10 as a result of the determination in the step S906, an 

attempt is made to access the directory server shown in 
the attribute information 305 so as to determine 
whether or not it is connectabXe (step S910), 

In the case where it is accessible, the user 

15 interface screen prompting for the user ID and the 

password is displayed on the LCD 23 (step S912) , and 
the inputted user ID and password are used to obtain 
the access ticket from the directory server 6 by the 
Kerberos protocol (step S914). 

20 On the other hand, in the case where an error is 

sent in reply from the directory server 6 to the effect 
that the user name or the password is invalid, such as 
a case of incorrect user name or password, the user 
interface screen prompting for the user ID and the 

25 password is displayed again in the step S912- 

And the access ticket obtained from the directory 
server is decrypted by using a Gr^to0raph key 306 
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(step S915)- Va-lXdity of the access "txclcet is 
determined, (step S916) - Tlxis aetermiuaLtion. is niad.e by 
checJcing wiietliej: tiie ticket is witliin its expiration 
date and whether the permitted maiaber of prints is one 
5 or more. In the case where the access ticket Is not 
valid as a r-esult of the determination in the step 
S916, the user interface screen r-epresenting that the 
devices may not be used with this user- name is 

'-4.-,'? 

^ displayed on the LCD 23 (step S917) to finish the 

.f! 10 process, 

ffl On the other hand, in the case where the access 

'"^ ticfcet is valid as a result of the determination in the 

0 step S916 r the login information is stored and the user 

cache information is updated (step S9 25) . Of the login 
J;[f 15 information,- the number of prints held by the access 
1^^ ticket is set as the pexmitted number of prints* 

FIG- 22 is a diagram showing the data structuire of 
the user information cache. This user information 
cache is held in the RAM 22 or the disk 30. The user 
20 information cache is updated by adding the user- name 

and the password used when obtaining the access ticket, 
the user ID and the permitted number of prints in the 
access ticket, and a login time as the data. In the 
case where the same user name already exists in the 
25 user information cache, the existing information is 

updated. And then, after the process of the step S925, 
a print pending Job is processed (step S922) to finish 
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tlie process* 

On tlie other- hand^ in tlie case where it is 
impossible to access the directory server 6 in the step 
S910, the attribute information (Permission to Use in 
5 case of Inaccessible Directory Sezrv^er) 307 is obtained 
to determine whether or not it is available even if the 
server cannot be connected (step S911). In the case 
where permission to use is not given, the tiser 
interface screen representing that a login is not 

10 permitted currently is displayed on the I-CD 23 (step 
S920) to finish the process - 

On the other hand, in the case where permission to 
use is not given in the step S911, the user interface 
screen prompting for the user name and the password is 

15 displayed on the LCD 23 (step S918), and it is 

determined whether or not the inputted pair of the user 
name and the password exists in the user information 
cache held by the RAM 22 or the dislc 30 (step S919), 
In the case where it does not exist in the user 

20 information cache as a result of this determination, 

the user interface screen representing that the devices 
may not be used with this user name cirrrently is 
displayed on the LCD 23 (step S921) to finish the 
process « 

25 On the other hand, in the case where the pair of 

the user liame and the password exists in the user 
information cache as a result of the determination in 
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tlie step S919, tiie pejmitted number of prints ±s 
computed, by the process mentioned later, and this value 
and the user ID are stored as the login information 
(step S923). In addition, the value of "Join Security 
Domain (Inaccessible Directory Server)" is set in the 
user management jnode in the login information. After 
the process of the step S923^ a print pending job is 
processed (step S922) to finish the process - 

The login information stored in this login process 
is used in order to limit and record operation in 
issuing jobs in a login session- To be mojre speoific, 
in the case where the printing is perfoirmed exceeding 
the permitted number of prints in the login 
information, the job is aborted • In addition, the 
number of prints printed in the job is subtracted from 
the permitted number of prints in the login 
information . 

Furthermore, in the case where the user management 
mode in the login information is "Join Security Domain 
(Inaccessible Dlrectoxy Server)," the value is updated 
by subtracting the number of prints printed in the job 
from the value of the maximum number of prints 312 or 
the pezToitted number of prints of the user information 
oache 1013 in accordance with the contents of "Limit 
Types for Use in case of Inaccessible Directory Server" 
308 that is the attribute information held in the 
devices • The user ID in the login information is 
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logged, togettier with, tlie numlDei:: of pr±nt:s pirxnted in 
ttte job issued ±n tlie login session* And. t:h.e login 
inf oxntation is abandoned: when ttie user logs off - 

Moreover^ even in tlie case whejre it is possible to 
connect to tlie dir-ectory seirver in ttiis embodiment, tbe 
login information bolds tli© pexmitted numbex: of pirinta 
as of logging in in ttte step S925 and tlie permitted 
number of prints is only updated by tlie Job issued from 
tbe console witbin tbe login period. In tlie case wbere 
it is possible to connect to tbe directory server, 
however^ it is also feasible to obtain tlxe peoonitted 
number of prints of tbe user beld by tbe directory 
server immediately before tlie Job is issued and limit 
the permitted number of prints thereby • In this case, 
the TGT is included in the login information held in 
the step S925 and the permitted number of prints of the 
user held by the directory server 6 immediately before 
the Job is issued is thereby obtained by the Kerberos 
protocoi and the LDAP protocol. 

The data of the user information cache to be 
updated in the process of FIGS. 20 and 21 is held in 
the RAM 2 2 or the disk: 30 as aforementioned- The data 
is represented as a set of one record in one line, and 
one record is comprised of a user name lOlO, a password 
1011, a user 1012, a permitted ntjmber of prints 1013 
and a login time 1014* 

FIG. 23 is a flowchart showing the procedure of 
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tlie print pending 30b in the steps S924 ana S922- Ttiis 
process is pearf armed on tlie MFP(l) 1* First, a list of 
tlie jobs of which execution of printing is pending in 
the MFP(l) 1 is obtained (step SllOl) * 

The user ID in the login information held in FIGS. 
20 and 21 is compared to the user XT> including a.s the 
attributes the jobs obtained in the step SllOl so as to 
create the list of the jobs in which both of them 
correspond (step 51102}- The user IDs of the jobs 
compared her-e are obtained and used by decrypting the 
access txcJcet in the case where the access tic3cet 726 
exists in the job^ and if not, a user ID 724 included 
in the job is used- 

As a result o£ the process in the step S1102 , it 
is deterniined whether or not the list is blanlc (step 
S11D3), and the process is finished in the case where 
it is not blank as a result of the determination. 

On the other hand, in the case where it is blank: 
in the step S1103, the list of the jobs in which the 
user IDs correspond is displayed as the user interface 
screen on the LCD 23 (step S1104) • FIG. 24 is a 
diagram showing the user interface screen displayed on 
an LCD 23 in the step S1104. Xn the diagram, 1202 
indicates the list of the jobs created in the step 
S1102, 1203 is the OK button for having the job 
executed, and 1204 is a cancel button for closing the 
user interface screen without having the job executed. 



" 40 - 



And. ±1: ±s de^ermxnea wliicli of ttie OK button 1203 
and the cancel button 1204 was pushed (step S1105), and 
in the case where the cancel button was pushed, it ±s 
terminated by closing the user interface screen. On 
the other hand, in the case where the OK button was 
pushed, the jobs in the list of the 3obs created in the 
step S1102 are executed (step S1106) to finish the 
process . 

FIGS. 25 and 26 are flowcharts showing the 
procedure when the MFP(l) 1 receives an access command 
for obtaining or setting individual attribute 
information from the PC(1) 2, the PC(2) 3 and the PC(3) 
4, First, the received command and its parameter are 
analyzed (step S1301) • 

It is determined whether or not the received 
command is an attribute acquirement command from the 
analysis results (step S1302) , In the case where it is 
the attribute acquirement command, it is determined 
whether or not the attribute specified by the attribute 
acquirement command can be acquired (step S1303)* In 
the case where it can be acquired, the value of the 
attribute held in the MFP is obtained (step S1304), and 
the obtained attribute value is set as the parameter of 
a send reply command, and the send reply command to the 
attribute acquirement command is sent to driver 
software (step S1305) to finish the process. 

On the other hand, in the case where the attribute 
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cannot be acquired in tlie step S1303, & notice that tl:ie 
a.tt3rlbute acquizrement failed is sent to tlie dUriveir 
softwai:© (step S1317) to fiuish tlie process • 

On th.e other liand, in the case where it is not the 
attribute acquirement command, in the step S1302, it is 
determined whether or not the received cominand is an 
attribute value change command £rom the analysis 
results in the step 1301 (step S1311) - In the case 
where it is the attribute value change command^ it is 
determined whether or not the attribute specified by 
the attribute value change command can be changed (step 

51312) . 

In the case where it can be changed, the specified 
attribute is changed to the specified attrihute value 
according to a specified command parameter (step 

51313) , aind the notice that the attribute value was 
successfully changed is sent to the driver software 
(step S1314) to finish the process • On the other hand, 
in the case wliere it cannot be cttanged, the notice that 
the attribute value change failed is sent to the driver 
software (step S1315) to finish the process. On the 
other hand, in the case where it is not the attribute 
value change command in the step SI 3 11, the received 
command is another command, and so the process 
depending on the other command is performed (step 
S1316) to finish the process, 

FIGS. 27 and 28 are flowcharts showing the 
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procedure £02: issuing a managrement: coiranand suoli as 
devxce management or job management from tlie PC(1) 2, 
ttie PC(2) 3 and tlxe PC{3) 4 to tHe MPP(l) 1- This 
process is performed on the PC(2) 3 and the PC(3) 4. 
5 First, the attribute information (current user 

management mode) 302 heid hy the MFP{1) 1 is obtained 
(step S1401) , 

It is determined whether or not the value of the 
attribute information 302 is "No User Management" (step 

f[ 10 S1402) * Xn the case where it is "No User Management" 

ifl as a result of the determination, the management 

command shown in FIG, 29 is generated and sent to the 

S MFP(l) 1 (step S1403), PIG. 29 is a diagram showing 

the data structure of the management command- In the 

C3 15 diagram^ reference n\imeral 1501 represents the user 
management mode and indicates which information of a 
user ID 1502^ a password 1503 and an access ticket 1504 
is valid- In addition, reference numeral 1505 
represents a command type* Moreover, reference numeral 
20 1506 represents a length of a parameter 1507 required 
for the command. 

The MFP(l) 1 processes the received management 
command according to the procedure shown in FIGS* 30 
and 31, and transmits the results* Ifhe reply sent from 
25 the MFP(l) 1 is processed (step S1417) . This process 

is different depending of the process of the management 
command sent in the step S1403, and especially in the 
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ca^se where the management coiniaand ±s "Lxst Jotos'' that Is 
a comraand for obtainxng the list of the jobs o£ whJLch 
management command is held in the MFP , the list o£ the 
jobs included in the reply is displayed as the user 
interface screen on the CRT 33. This process is 
finished thereafter » 

On the other hand, in the case where there is the 
user management as a result of the determination in the 
step S1402, it is determined whether or not the value 
of the attribute information 302 is "Password" (step 
S1404), In the case where it is "Password" as a result 
of the Gle termination, the user interface screen 
prompting for the password is displayed on the CRT 33 
{step S1405). And the management command setting the 
inputted password is generated and is sent to the 
MPP(l) 1 in the step S1403. 

On the other hand, in the case where there is no 
password as a result of the determination in the step 
S1404, it is determined whether or not the value of the 
attribute information 302 is "User IP" (step S1406). 
In the case where it is "User ID" as a result of the 
determination, the user interface screen prompting for 
the usBx- ID is displayed on the CRT 33 (step S1407)- 
And the management command setting the inputted user ID 
is generated and is sent to the MFP{1) 1 in the step 
S1403. 

On the other hand, in the case where it is not 
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"User ID" as a result of tlie detemctinatxoii ±n tbie step 
S1406* ±1: ±s detexnd-ned wliettier or not: tlie value of th.e 
a-fct:rxbu1:e information 302 is "User XD and Password" 
(step S1408)- In tne case where it is "User ID and 
Password" as a result of tlie detennination , th.e user 
interface screen prompting for ttie user ID and tlie 
password is displayed on tiie CRT 33 (step Si409)- And 
tlie maxiagement coimnand setting tlie inputted user ID and 
tlj.e password is generated and is sent to tlxe MFP{1) 1 
in tlie step S1403- 

On tlie otixer liand, in tiie case where it is not 
"User XD and Password" as a result of tlie determination 
in ttie step S140S, it is determined on tlie PC being 
used wlietb.er or not the user has already logged in to 
the security domain managed by the directory server 6 
(step S1410)« a?his determination is made by inquiring 
of an operating system of the PC being used* 

In the case where the user has not logged in as a 
result of the determination, the user interface screen 
prompting for the user ID and password is displayed on 
the CRT 33 (step S1411)^ and the information is sent to 
the directory server 6 by using the Kerberos protocol 
so as to obtain the TGT (Ticket Generation Ticket) 
information (step S1413)* 

On the other hand, in the case where the user tias 
already logged in as a result of the determination in 
the step S1410, the TGT used in the current session is 
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reguested of tlie operating systera aud is obtained since 
the user* Jxas already logged in (step S1412) . 

Tlie TGT obtained in the step S1412 or S1413 and 
the identifier (parameter) identifying the MFP(l) 1 of 
the Job issue destination are sent to the directory 
server 6 by the Kerberos protocol to obtain the access 
ticket for the MFP(l) 1 (step S1414)* The access 
ticket obtained her-e has the information on the user 
name, the U3er ID^ the user*s permitted niimber of 
prints and its expiration date encrypted by cryptogx-aph 
key 306 of the MFp(i) 1. n?he data format in the access 
ticket and the encryption (algorithm) to be used are 
uniquely determined in advance according to the 
currently corresponding directory server type 304. 

The management command setting the access ticket 
obtained in the step SX414 is generated and is sent to 
the MPP(i) 1 (step Si415) . The same reply process as 
in the step S1417 is performed thereafter (step S1416)- 
"The process is finished thereafter. 

FIGS. 30 and 31 are flowcharts showing the 
procedure for MFP(l) to process the management coinmand 
generated by the process in PIGS. 2 7 and 2S and then 
sent to the MFF(l) l. This process is performed on the 
MFP(l) 1, 

First, the attribute infoxmation (current user 
management mode) 302 is obtained (step S1601). It is 
determined whether or not the value of the attribute 
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information 302 is "No User Management:" (step S1602) . 
In the case of "XvTo User Management" as a result, of th.e 
determination, the value 0 is set on the user ID 1502 
in the management command (step S1603) , and processing 
is performed according to the command types from the 
step S1613 onward. 

On the other hand, in the case where there is the 
user management as a result of the determination in the 
step S1602, it is determined whether or not the value 
of the attribute information 302 is "Password" (step 
S16 04) . In the case where it is "Password" as a result 
of the determination, the password value held in 
advance in the RAM 22 or the dislc 30 is compared to the 
password 1503, and in the case where they coincide, the 
value 0 is set on the user ID 1502 in the management 
command (step S1605), Hereafter, processing is 
performed according to the command types from the step 
S1613 onward. In the case where they do not coincide, 
the error is returned and the management command 
processing is aborted. 

On the other hand, in the case where it is not 
"Password" as a result of the determination in the step 
S1604, it is determined whether or not the value of the 
attribute information 302 is "User ID" (step Si606). 
In the case where it is "User XD" as a result of the 
determination, the user ID value held in advance in the 
Riyyi 22 or the disk 30 is compared to the user ID 1502 
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(step S1607). In the case where tliey ooiaoiae, 
procesr^ing Is performed accoirding to tlie command types 
from the step S1613 onwaord. In tiie case wiiere they do 
not coinoxde, the error is returned and the management 
5 command processing Is aborted* 

In the case where it is not "User ID" as a resuit 
o£ the determination in the step S1606, it is 
determined whether or not the value of the attribute 
information 302 is "User ID and Password" (step S1608) . 

10 In the case where it is "User ID and Password" as a 

result of the determination, the user ID value and the 
password value held in advance in the RAM 22 or the 
disk 30 are compared to the user ID 1502 and the 
password 1603 respectively (step S1607) , and in the 

15 case where they coincide, processing is performed 
according to the command types from the step S1613 
onward. In the case where they do not coincide, the 
error is returned and the management command processing 
is aborted, 

20 On the other hand, in the case where it is not 

"User ID and Password" in the step Si60S^ the value of 
the access ticket 1504 is decrypted by using the 
cryptograph key 306 (step S1610)* The validity and the 
expiration date of the access ticket are determined as 

25 a result of the decryption (step S1611) , and in the 
case where the access ticket is valid as a result of 
the determination, the user ID in the access ticket is 



- 48 - 



set as the user ID 1502 in the managemeut: command, and 
processing is perf oxmed aocoardxng to the command typ^s 
from the step S1613 onward. On the other hand. In the 
case where the access ticket is invalid as a result of 
5 the determination in the step 51611, th^ error is 
returned (step SI 612) , and the management command 
processing is finished. 
% In the process from the step S1613 onward ^ it is 

determined whether or not the command type 1505 is 
J; 10 "IiistJobs" (to obtain the list of the jobs) (step 
gj S1613) • In the case where the command type 1505 is 

"List Jobs" as a result of the determination, the list 
O of the jobs held in the ME*P(1) 1 is obtained (step 

fU S1614) . At this time, if "Current User Management 

ft 15 Mode'' 302 is "Join Security Domain," the access ticlcet 

726 of each Job is decarypted with the cryptograph Icey 
306 and the obtained user ID is set as the user ID 724 
of the job. 

And the user ID 724 of the Job obtained in the 
20 step S1614 is compared to the user ID 1502 included dLn 
the management command, so that the Job name of the Job 
wherein they do not correspond . is converted into a 
blank (step S1615)- On the other hand, the job name of 
the job wherein they correspond is not converted into a 
25 blank. The job list obtained in the step S1615 is 
returned (step S1616) and the process is finished- 

On the other hand, it is determined whether or not 



tiie command type 1505 is "CanceUob" (to cancel a 
specified 30b) as a xresult of ttie determinatiozx ±n the 
step S1613 (step S1617). Xn tlie case wiiere the command 
type 1505 is not "CancelJob" as a result of the 
detexminatioji^ the device luanageraent command is 
processed (step S1619) to finish the process. In the 
processing of the device management command in the step 
SI6I9, a plurality of device management commands may be 
processed by dividing them into cases by using the 
command type 1505, 

As a result of the determination in the step 
S1617, the information on the specified job is obtained 
(step S1S18)- In the case where "Current User 
Management Mode" 302 is ''Join Security Domain" at this 
time, the access ticket 726 of the job is decrypted 
wltJi the cryptograph key 306 and the obtained user ID 
is set as the user ID 724 of the job. 

And the user ID 724 of the job is compaj^&d. to the 
user ID 1502 included in the management command (step 

51620) , and in the case where they do not correspond, 
it is replied that the execution of the management 
command failed (step S1623) to finish the process. On 
the other hand, in the case where they correspond in 
the step S1620, the specified job is cancelled (step 

51621) , and it is replied that the execution of the 
management command was successful (step S1622) to 
finish the process > 
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Moreover, it Is possible, by cbangxng 1:lia process 
±n the step S1621, to have the job management othei: 
than a job cancel to which a job access control 
function is addeti (a temporary halt, a restart, an 
interruption, higher priority and lower priority of the 
job, for- instance) perfoxmedl. 

FIG- 32 is a flowchart showing the procedure for 
totaling the logs of the MFP{1) 1 and the MFP(2) 5 and 
updating the permitted numbex- of prints and the number 
of accumulated prints for each user of the directory 
server 6. This process is performed on the directoary 
sexver 6. First, the logs aire obtained from the 
subject MFPs (step S1901). 

The number of prints printed for each user XD is 
totaled from the log information (step S1902)* The 
permitted number of pzrints and the accumulated number 
of prints of each user are obtained from the directory 
server 6 by the LPAP protocol, and the obtained number 
of prints is subtracted from the permitted number of 
prints, and is further added to the accumulated number 
of prints, and then the obtained results are set in the 
directory server 6 by the LDAP protocol (step S1903), 
Thus, the permitted number: of prints and the 
accumulated number of prints for each user in the 
directory server 6 are updated* 

Thus, the process in FIG. 32 is performed to th.e 
MFP(l) 1 and the MFP(2) 5 so that the permitted number 
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Of prxnts and tHe accumulated number of prints for tHe 
two 1>1FPS are centrally managed iDy tHe dxrectory server 
6. 

Moreover, as anotlier embodiment, in ttxe case wliere 
5 tlie data of tne dijrectory server 6 is updated Ir^y 

connecting to the directory server 6 eacli tim^ ttie job 
is £inislied without logging the number of prints used 
in the job, it is not necessary to perform the process 
in FIG. 32. 

10 FIGS* 33 and 34 are flowcharts showing a computing 

procedure for computing the permitted number of prints 
when it is ijnpossible to connect to the directory 
server in the step S923 in FIGS* 20 and 21- This 
process is performed on the MFP(l) 1- Firsts Current 
15 Limit Type for Use in case of Inaccessible Directory 
Server 309 is obtained (step S2001). 

It is determined whether or not the limit type 309 
is "No Limit" (step S2002)- In the case where it is no 
limit as a result of the determination, the permitted 
20 number of prints is set as infinity (step S2003) to 
finish the process. On the other hand, in the case 
where it is not no limit as a result of the 
determination in the step S2002, it is determined which 
of "Time," "Time and Fixed Max No. of Prints," or ''Time 
25 and Max No, of Prints" the limit type 309 is (step 

S2O04). In the case it falls under one of them as a 
result of the determination, the user's final login 
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time 1014 in tti© user information cactie is obtained 
(step S2005}, and it is determineti whetliex tlie time 
difference between this tiroe and tlie current time is 
tb.e value specified by tbe time limit length, 310 or 
less (step S2006), 

In the case where it is the specified value or 
less, the permitted number of prints is set at O (step 
S2007) to finish the process- On the other hand^ in 
the case where it is not any of "Time," "Time and Fixed 
Max No, of Prints," or "Time and Max No- of Prints" or 
in the case where it is within the time limit in the 
step S2006 as a result of the determination in the step 
S2004, it is determined which of "Fixed Max No. of 
Prints," or "Time and Fijced Max No. of Prints" the 
limit type 309 is (step S200S) . 

In the case where it is either "Fixed Max No^ of 
Prints^*" or "Time and Fixed Max No* of Prints," the 
vaiue of the maxiaium number of prints 312 is set as the 
permitted number of prints (step S2010) to fxnish tlie 
process. On the other hand, in the case where it is 
neither "Fixed Max No* of Prints," nor "Time and Fixed 
Max No* of Prints," as a resuit of the determination in 
the step S2008, it is determined which of "Max No. of 
Prints," or "Time and Max No- of Prints" the limit type 
309 is (step S2009)- In the case where it is either 
"Max No- of Prints," or ^Time and Max No. of Prints," 
the number of prints is calculated by the following 
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equation (1) so as to set it as tlie permitted number of 
pr-xnts (step S2011) to finish, tiie process. 

Permitted No- of Pjrints = Permitted No. of Prints 
in User Information Cach.e 1013 - Reduction Rate of Max 
No. of Prints per Day x Time (Days) from Pinal Login 
... (1) 

Here, tlie Time (Days) from Final Login is 
calcuiated by subtracting ttxe current time from tlie 
user information caclie login time 1014, dividing that 
time by the value 24 and dropping tbe fractional 
portion ♦ 

On the other hand, in the case where it is neither 
"Max No, of Px-ints," nor "Time and Maic No* of Prints," 
as a result of the determination in the step S2009, Max 
No- of Prints for each Login 313 is set as the 
permitted number of prints (step S2012) to finish the 
process . 

Moreover, while "Supported User Management Modes," 
"Adaptive Directory Server Types," and "Limit Types for 
TJse in case of Inaccessible Directory Server" are 
obtained by the PC{1) 2, the PC{2) 3 and the PC(3) 4 
directly from the MFP(1} 1 according to the procedures 
shown in the flowchaarts in FIGS. 6, 8 and 10 
respectively in this embodiment, it is also feasible, 
as another embodiment, to obtain "Supported User 
Management Modes," "Adaptive Directory Server- Types," 
and "Limit Types for Use in case of Inaccessible 
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Directory Server" from tHe MFP(l) 1 and Hold tHem as 
tHe devxoe information in the directoiry server 6 once 
so tHat ttie PC{1) 2, the PC(2) 3 and the PC(3) 4 will 
obtain them from the directory server 6* 
(Second Embodiment) 

While the access ticket is included in the 
management coinmand in FIG- 29 in the above described 
first embodiment, a data size of the access ticket is 
generally larger than other data si^es of the 
management commands, which may result in a problem in 
performance and so on- A peripheral equipment control 
system to solve this problem will be described as the 
second embodiment below, 

FIG. 35 is a diagram showing the data structure of 
the management command generated by a management 
command generation process mentioned later and sent to 
the MFP(l), In the diagram, reference numeral 2301 
denotes the user management mode and indicates which 
information of a user ID 2302^ a password 2303 ana a 
session key 2304 is valid . 

The session key 2304 is issued by the MPP(l) 1 and 
is associated with the access ticket one to one by an 
access ticket cache in the MFP(l) 1- In the diagram, 
reference numeral 2305 denotes the command type. 
Reference numeral 2306 denotes the length of a 
parameter 2307 required for the command. 

FIG. 36 is a diagram showing the data structure of 
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tiie access ticket cache lield ±n tlie RAH 22 by the 
process o± the access txclcet setting command mentioned 
latex-. The access ticket cache is comparlsed o£ a 
plurality of records, wherein one record is a pair of a 
session key 2401 and an access ticket 2402 • The access 
ticket held here is one after decryption by using the 
cryptograph key 306. 

FIGS- 37 and 38 are flowchaxrts showing the 
procedure for MFF{1) to process the management command 
generated by a management command generation process 
mentioned later and sent to the MPP(l), This procedure 
is performed on the MFP{1) 1. As the step processing 
up to the step S1608 in FIGS^ 30 and 31 are the same in 
this procedure, that step processing is omitted, and 
the case where the determixiation process in the step 
S1608 is NO (false),, that is, the case where the user 
management mode is "Join Security Domain" will he 
described first* 

First, it is determined whether or not the session 
key 2304 has the value 0 (step S2501), In the case 
where the session key 2304 has the value 0 as a result 
of the determination in the step S2501, it is 
determined whether or not the management command type 
2305 is the "access ticket setting command" (step 
S2502) - In the case where it is not the "access ticket 
setting command," the error is returned (step S2507) to 
finish the process. 
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On the otlier hand, xn the case where it is the 
"access txclcet setting command" as a result of the 
determination in the step 32502, the value of the 
access ticlcet included in the management command 
5 pax-ameter 2307 is decrypted by using the cryptograph 
3cey 306 (step S2519) * As , a result of the decryption, 
the validity and the expiration date of the access 
ticket are determined (step S2520) . 
Cf In the case where the access ticket is not valid, 

10 the erx-ox- is returned (step S2S21) to finish the 

processing of the management command- On the other 
hand^ in the case where the access ticket is valid as a 
p result of the determination in the step S2520, the 

jil session key corresponding to the access ticket one to 

^ 15 one is generated, and the contents of the decrypted 
m access ticket are stored in the access ticket cache 

together with the session key (step S2503) , The 
generated session key is returned (step S2504) to 
finish the process . 
20 On the other hand, in the case where the session 

key has any value other than O in the step 82501, the 
session key is searched for in the access ticket cache 
(step S2505), and it is determined whether or not the 
session key exists (step S2506 ) , As a result of the 
25 determination^ the error is returned (step S2507) to 
finish the process . 

On the other hand, in the case where the session 
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key exists a.s a result: of t.li& del:ennina.1:iOT> in tlie step 
S2506^ tiie access ticket corr-espon<3.ing to the session 
3cey is obtained from the access ticket cache, and the 
user ID in the access ticket is set as the user ID 2302 
in the management command (step S2522) and processing 
is performed according to , the command type from the 
step S2508 onward - 

Xn the process from the step S250S onward, it is 
determined whether or not the command type 2305 is 
"List Jobs" {to obtain the list of the Jobs) (step 

52508) , In the case where the command type 2305 is 

** List Jobs" as a result of the determination, the list 
of the jobs held in the M]PP(1) 1 is obtained {step 

52509) , At this time, if "Current User Management 
Mode" 302 is "Join Security Domain*" the access tic3?:et 
726 of each 30b is decrypted with the cryptograph Icey 
306 and the obtained user ID is set as the nser XD 724 
of the 30b* 

The user ID 724 of the 30b obtained in the step 
S2509 is compared to the user XD 2 302 included in the 
management command, so that the job name of the job 
wherein they do not correspond is converted into a 
blank (step S2510) , The obtained job list is returned 
(step 52511) to finish the process. 

On the other hand, it is determined whether or not 
the command type 1505 is "Cancel Job" (to cancel a 
specified job) as a result of the determination in the 
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3tep S250S (step S25X2), Xn tiie case where tiie commana 
type 2305 is not: "CancelJob," the device management 
coimnand is processed (step S2517) to finish the 
process - In the processing of the device management 
command, in the step a plurality of device 

management commands may h^ processed by dividing them 
into cases by using the command type 2305 • 

On the other hand, in the case where the command 
type 1505 is "Cancel Job" as a result of the 
determination in the step S2512. the information of the 
specified Job is obtained (step S2513). At this time^ 
if "Current User Management Mode" 302 is "Join Security 
Domain," the access ticket 726 of the job is decrypted 
with the cryptograph Icey 306 and the obtained user ID 
is set as the user ID 724 of the job. 

And the user ID 724 of the job is compared to the 
user ID 2302 included in the management command (step 
S2514), and in the case where they do not correspond, 
it is replied that the execution of the management 
command failed (step S2518) to finish the process. 

On the other hand, in the case where they 
correspond in the step S2514, the specified job is 
cancelled (step S2515) , and it is replied that the 
execution of the management command was successful 
(step S2516) to finish the process. 

Moreover, it is also possible, by applying the 
management command procedirre shown in FIGS. 37 and 38 



when processing ttie job, to have the session key 
included in the job instead of having the access ticket 
included in the job a.s shown in FIGS. 17, 18 and 19* 

FIG- 39 is a flowchart showing the procedure for 
issuing the management command such as the device 
management or the job management from the PC(1) 2, the 
PC(2) 3 and the PC(3) 4 to the MFP(l) 1 performing the 
process in FIGS* 37 and 3S - This procedure is 
performed on the PC{1) 2, the PC(2) 3 and the PC(3) 4, 
As this procedure is the same up to the steps S1412 and 
SX413 in FIGS. 27 and 28^ the procedure after the TGT 
is obtained by the steps S1412 or S1413 is described 
here. 

To be more specific, the TGT obtained ±n the step 
S1412 or S1413 and the identifier (parameter) 
identifying the MPP(l) 1 of the job issue destination 
are sent to the directory server 6 by the Kerheros 
protocol to obtain the access ticket for the MFP(l) 1 
(step S2601). The access ticket obt:ained here has the 
information on the user name, the user ID, the user's 
permitted number of prints and its esipiration date that 
are encrypted by the cryptograph key 306 of the MFP(l) 
1- The data format in the access ticket and encryption 
(algoritjbim) to be used are uniquely determined in 
advance according to the currently corresponding 
directory server type 304* 

The access ticket setting command wherein the 
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access ticket obtained, in tlxe step S2601 is set as tUe 
commaiid par'ameteT' 2307 is generated, and sent to ttie 
MFP(l) 1 (step S2602)* As for the management command 
sent here, the session key 2304 has the value 0 and the 
5 command type 2305 is the "access ticket setting 
command • " 

It is determined whether or not the reply from the 
MFP(l) 1 is the error (step S2603), and the process is 
terminated in the case of the error* On the other 

10 hand, in the case where it is not the error as a result 
of the determination in the step S2603, the session key 
obtained in the step S2602 is set as the management 
command session key 2304, and appropriate values are 
set on the management command type 2305 ^ the command 

15 parameter length 2306 and the command parameter 2307 of 
the management command data and they are sent to the 
MFP(l) 1 (step S2604). The reply from the MFP(l) 1 is 
processed (step S2605) to finish the process - 

Moreover^ when the same user issues the Job 

20 management command or the device management command to 
the same MFP^ the required access ticket has already 
been held by the HFP and the session key thereto has 
been obtained, so that the steps from the step S2 601 to 
the step S2603 may be omitted. Thus^ the 30b 

25 . management and tlie device management of the MFP can be 
implemented with good performance* 
(Third Embodiment) 
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Xn the above <aescr^±bed f±3rst: embodiments tbe case 
wbeare tlie print pending job issued from a. client PC is 
printed by using an operation panel (tlie LCD 23 and the 
keyboa:t:d 24) of the MFP(l) 1 (the step S922 in FIG. 20 
5 and the steps SllOl to S1106 in FIG- 23) was described. 

In the third embodiment, an escample wherein the 
COPY Job is issned according to an operating 
instruction from the operation panel (the LCD 23 and 
the keyboard 24) of the MFP(l) 1 and the copy job is 
10 executed in the MFP(l) 1 will be described. 

To be more specific, it is the example wherein the 
job is issued from the MFP(l) 1 instead of the client 
PC- 

FIG. 40 and 41 are flowcharts showing th© 

15 operation of the MFP(l) at that time. 

First, the "Current User Management Mode" 
attribute 302 that is the attribute information held by 
the MFP(l) 1 is obtained (step S4001) - It is 
determined whether or not the value of the attribute 

20 information 302 is "Ho User Management" (step 54002)^ 
and then the scanner engine 27, the printer engine 28 
and so on are controlled to execute the copy job (step 
S4003), 

If It is determined whether or not the value of . 
25 the attaribnte information 302 is "Password" in the step 
S4004, the copy job is essecuted (step 54003) according 
to the input of the normal password (step S4005) from 



the operation panel (the LCD 23 ana the keyboard 24). 

If It Is detexTiu-ned that the value of tlie 
attribute information 302 is "User ID" in the step 
S4006, the copy 30b is executed (step S4003) according 
to the input of the normal user ID (step S4007) fi:om 
the operation panel (the LCD 23 ajad the keyboard 24). 

If it is determined that the value of the 
attribute information 302 is "User ID and Password" in 
the step S4008, the copy 30b is executed (step S4003) 
according to the input of the normal user ID and 
password (step S4009) from the operation panel (the LCD 
23 and the keyboard 24) . 

On the other hand, in the case where it is not 
"User ID and Password" &s a result of the determination 
in the step S400S, it moves on to the step S4010 
deterxaining that it is managed by the directory server 
6, 

In the MFP(X) 1, it is determiued whether or not 
the user has already logged in to the security domain 
managed by the directory server 6 (step S4010) - 

In the case where the user has not logged in as a 
result of the determination^ the user interface screen 
prompting for the user ID and the password is displayed 
on the LCD 23, and the input from the operation panel 
(the LCD 23 and the keyboard 24) is received (step 
S4011) • 

And the user ID and the password inputted from the 
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opearation panel (the LCD 23 and tHe keyboa:rd 24) are 
sent to tlxe directory server 6 by using tlie K^rberos 
protocol so as to obtain TGT (Ticket Generation Ticket) 
information (step S4013). 
5 On the other hand^ in the case where the user has 

already logged in as a result o£ the determination in 
the step S4010, the TGT used in a current session is 

2 requested and obtained (step S4012)- Here, in the case 

■4J 

^ where the user has already logged in* the user name and 

01 

10 so on are held in the MFP(l) 1, 
^ The TGT obtained in the step S4012 or S4013 is 

'"f used to obtain the permitted ntimber of prints 

O infoinnation of the user falling under the user name 

ry held by the Mf*P(l) 1 or the user name inputted in tlie 

5^ 15 step S4011 from the directory server 6 by the Kerberos 
h^- protocol and the LDAP protocol (step S4014)* 

It is deteimined thereafter whether or not the 
permitted number of prints is one or more (step S4015) ^ 
and in the case where it cannot be printed since it is 
20 less than one as a result o£ the determination, t:he 

user interface screen represenliing that the Job cannot 
be issued is displayed on tlie I*CD 23 (step S4016) to 
finish the process - 

On the other hand, in the case where printing is 
25 possible with the permitted number of prints of one or 
more as a result of the determination in the step 
S4015, the TGT obtained in the step S4012 or S4013 and 
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ttie parameter- of the xdentifxer identifying the MFP(l) 
1 aire sent to the directory server 6 by the Kerberos 
protocol to obtain the access ticicet for the MFP(l) 1 
(step S4017) - 

The access ticket obtained here has the 
information on the user name, the user ID, the user's 
permitted number of prints and its expiration date that 
is encrypted by cryptograph key attribute information 
306 of the MFP(l) 1. A data format in the access 
ticket and encryption (algorithm) to be used are 
imiqtieiy determined in advance according to the 
cur-rently corresponding directory server type 
(attribute information 304). 

And the access ticket obtained in the step S4017 
and the other information required for the Job are set 
on the Job, and then the copy Job is executed (step 
S4018) • 

Xn the step S4019, log information on the 
directory server 6 as to the user wiio executed ttie copy 
Job is updated based on the results of the copy Job 
executed in the step S401S- 

To be more specific, the permitted number of 
prints and the number of accumulated prints 
corresponding to the user who executed the copy Job is 
obtained from the directory seJrver 6 by the liDAP 
protocol^ and the number of copies used in the step 
S4018 is subtracted from the permitted number of prints 
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and xs furtlier added to tlie number of accumulated 
pirints so as to set tHese obtained results on tbe 
directory server 6 by tbe LDAP protocol - 

Thus , tlie permitted number of prints and tbe 
5 number of acctamulated prints managed by tbe directory 
server 6 for each, user are updated* 

FIG, 42 Is an escample o£ tbe data structure of tbe 
inf03rmation on tHe user logging into eacli client PC 
registered witli and managed by the directory server 6 ♦ 

10 According to tbis diagram, tbe user ID is 

registered first as tbe information on eacb user sucb 
as a user A and a user B, and tben and tbe number of 
accumulated prints and tbe permitted number of proJits 
are registered for eacb user. 

15 If tbe user inputs the user ID and so on from tbe 

operation panel of tbe MFP{1) 1 and logs in to tbe 
directory server 6 to execute tbe copy job, tbe 
directory server 6 updates the number of accumulated 
prints and tbe permitted number of prints tbat are 

20 registered corresponding to tbe user ID based on tbe 
log information of tbe copy job from tbe MFP(l) 1. 

As mentioned above > according to tbe third 
embodiment, it is possible to bave tbe PC user use tbe 
copier by inputting from tbe operation panel of tbe 

25 copier autbentication information inputted on logging 
in from tbe PC to tbe netitfork^ so that tbe use of tbe 
copier by each user can be centrally managed by tbe 
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d-irectoiry sexver. 

As set forth above, a-ooorclxng to tlie a.t»ove 
embodijnent , unified Job mana.gement can be performed as 
to th.e access in the network environment • In addition, 
unified Job management can be performed as to tlie 
access in ttie network environment- Moreover, only the 
user who issued the job can cancel the Job* 

In addition, only the user who issued the Job can 
iknow the entire information on the job, and the other 
users can only 3?now partial information on the Job* 
Moreover, it is possihle to perform unified job 
infoirmation on the access with good performance in the 
network environment- Furthermore, only the user who 
issued the Job can cancel the Job with good 
perf oijaance * Moreover^ only the user who issued the 
Job can know the entire information with good 
performance, and the other users can only know the 
partial information on the Job, 

In addition, it is possible to perform unified 
device management as to the access in the network 
environment. Moreover, it is possible to perform 
xjnif led device management as to the access in the 
network environment with good performance, Xt is also 
possible to issue the Job management command to the 
MFPs. Furthermore, it is. possible to issue a Job 
cancel command to -the MFPs - It is ^Iso possible to 
display the Jobs to the MFFs* Fiir thermore , it is 
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possible to Issue tlie device management comiuand to the 
MFPs. 

According to tliis embodiment, it is possible to 
obtain the list of the directory server types which the 
5 MFPs can support from the outside via the network and 
so . on. lu addition, it is possible to obtain and set 
the directory servei: types which the MFPs axre curxently 
supporting from the outside via the network and so on. 
Furthermore y it is possible to obtain the list of the 
10 directory server types which can be supported and 

display it on the user interface- It is also possible 
to obtain the directory server which, can be supported 
and display it on the user interface and also change 
the settings , 

15 According to this embodiment, it is possible to 

use the unified user information on a plurality of 
MFPs. In addition, it is possible to centraily manage 
tbe number of accumulated prints and the maximum number 
of prin-fcs in tbe environment using a pXurality of MFPs, 

20 Moreover, it is possible to limit printing for each 

user by the maximum number of prints in the environment 
using a plxorality of MFPs. 

In addition, it is possible to set an operation 
mode to be taken in the case of a failure of connecting 

25 to the directory server from the outside via the 

network smid so on. Furtbermore , the MPPs can be used 
in the case of a failure of connecting to the directory 
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server, Moireover^ tlae MFPs can be used witliin a f±xed 
t±ine of tlie final rxoxmal logxn in tlie case of a failure 
of connecting to the directory seaTver. In addition, 
th.e MFPs can b© used to tiie extent not exceeding tlie 
5 maximum number of prints stored in the device within 

the fixed time of the final normal login in the case of 
a failure of connecting to the directory server. 
J; Moreover, the MFP^ can be used up the maximum number of 

vQ prints at the time of the final normal login within the 

4!; 10 fijxed time of the final normal login in the case of a 
fi failure of connecting to the directory server* In 

'5 addition, the MFPs can be used to the extent not 

p exceeding the maximum number of prints stored in the 

^1 device in the case of a failure of connecting to the 

15 directory server. 

In addition, the MFPs can be used up the maximnm 
number of prints at the time of the final normal login 
in the case of a f ailinre of connecting to the directoiry 
server . Moreover, the MFPs can be used to the extent 
20 not exceeding the maximxim number of prints for each 
login in the case of a failure of connecting to the 
d-lrectory server. In addition^ it is possible to 
prohibit the user from using the MFPs in order to 
perform correct user management in the case of a 
25 failure of connecting to the directory server . 

Furthermore, the MFPs can be used up the mascimxam number 
of prints to which the expected number of prints after 
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noirraally connecting to the directory searver is aa<3Led, 
In addition, it is possible to issue ttie 3obs to the 
MFJPs - 

Moreover, wliile tlie embodiments of the present 
invention were described above, the present invention 
is not limited to the configurations of these 
embodiments, but it is applicable to any configuration 
capable of accomplishing the functions according to the 
claims or the functions that tbe configurations of the 
embodiments have. 

In addition, it is needless to say that the 
p^resent invention is applicable to the cases wheare it 
can be accomplished by supplying the program to the 
system or the equipment by means of a record medixam 
storing a program code of software for implementing the 
functions of the aforementioned embodiments- In this 
oase, the program code read from the storage medium 
itself implements a new function of the present 
invention, so that the storage medium storing tbe 
program constitutes the present invention. 

In tbe above embodiments, the program code shown 
In each flowchart is stored in the storage medium- As 
for the storage medium for supplying the program code, 
for instance, a ROM^ a floppy disK, a hard disk, an 
optical disk, a magneto -optical disk, a CD-ROM, a CD-R, 
a DVD, a magnetic tape, a nonvolatile memory card and 
so on can be used* 
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According to tlae present: invention, unified access 
controi can be performed as to tlie job management in 
tlie network environment* In addition^ tlie unified 
access control can be performed as to tlie job 
5 management in th.e network environment so tliat tlie 
performance will not deteriorate* 

Xn addition, it can provide a general purpose 
peripberal equipment control system wlierein tlie 

^0 periplieral efjuipment control software does not require 

Ql 

10 the subject MPP to wait for tKe information on tlie 
™!: corresponding directory server type, 

"I Moreover, tiie unified management of the user 

p information is performed so ttiat tbe same user 

f{i information can be used by a plurality of devices in 

y 15 tbe environment for using a plurality of devices 

1^1: connected to tbe network and so on* Xn addition, it is 

possible to perform central management of tbe 
accumulated number of prints and the maximum number of 
prints of the user in the environment for using a 
20 plurality of devices connected to the network and so 

on, Ftxr thermore , it is possible to temporarily use the 
MFPs in the case of a network failure. 



